2 matches found
CVE-2017-15276
OpenText Documentum Content Server formerly EMC Documentum Content Server through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches TAR archives. When unpacking TAR archives, Content Server...
CVE-2017-15276
CVE-2017-15276 affects OpenText Documentum Content Server (up to v7.3). An authenticated user can escalate privileges to superuser by uploading content in batches (TAR archives); during TAR unpacking, the server fails to verify archive contents, enabling path traversal via symlinks and access to ...